From: "Gary Guo" <gary@garyguo.net>
To: "Demi Marie Obenour" <demiobenour@gmail.com>,
"Miguel Ojeda" <miguel.ojeda.sandonis@gmail.com>
Cc: "Julian Braha" <julianbraha@gmail.com>, <nathan@kernel.org>,
<nsc@kernel.org>, <jani.nikula@linux.intel.com>,
<akpm@linux-foundation.org>, <gary@garyguo.net>, <ljs@kernel.org>,
<arnd@arndb.de>, <gregkh@linuxfoundation.org>,
<masahiroy@kernel.org>, <ojeda@kernel.org>, <corbet@lwn.net>,
<qingfang.deng@linux.dev>, <yann.prono@telecomnancy.net>,
<ej@inai.de>, <linux-kernel@vger.kernel.org>,
<rust-for-linux@vger.kernel.org>, <linux-doc@vger.kernel.org>,
<linux-kbuild@vger.kernel.org>
Subject: Re: [RFC PATCH v3 1/3] scripts: add kconfirm
Date: Thu, 28 May 2026 15:30:22 +0100 [thread overview]
Message-ID: <DIUDREOJ8GWB.3QMNEGBRFQSWK@garyguo.net> (raw)
In-Reply-To: <f77a4858-2bcf-4bfb-95e0-24a5d91e0862@gmail.com>
On Sun May 17, 2026 at 9:25 PM BST, Demi Marie Obenour wrote:
> On 5/17/26 05:58, Miguel Ojeda wrote:
>> On Sun, May 17, 2026 at 8:10 AM Demi Marie Obenour
>> <demiobenour@gmail.com> wrote:
>>>
>>> I think it is simpler to just inline all of this code into its
>>> single call-site. The safety of the code is obvious in context,
>>> and you can avoid checking for impossible errors. For instance,
>>> since all of the options have required arguments, it really is safe
>>> to dereference optarg without any null check.
>>
>> If we are going to have unsafe code, then let's please build safe
>> abstractions wherever possible, just like we do elsewhere. We should
>> also write `// SAFETY` comments and enable the lints that catch that
>> etc., just like elsewhere too.
>>
>> (This is not to say we should use `getopt` instead of something like
>> `clap` -- as soon as we start using `cargo vendor`, then it makes
>> sense to at least consider having a set of vetted, well-known crates
>> to write Rust tools in-tree, as I mentioned in v1.)
>
> I was hoping for Linux to avoid the Rust trend of downloading tons
> of third-party crates, with all the supply-chain risks that entails.
> Hence the idea of using getopt and system C libraries.
Well, there're quite a few libraries which are "third-party" but they're
blessed and used by the Rust compiler itself (and often maintained by the same
group of people behind the Rust project).
https://github.com/rust-lang/rust/blob/main/Cargo.lock
For example, I would trust `clap` to be used, and I think it's a huge
developer-experience improvement compared to getopt.
I think it's not really reasonable to avoid all dependencies, after all, C tools
also require a few dependencies, it's just that they're sourced from distro and
not crates.io.
I think the only issue is that unlike C libraries, there's no unified ways for
distros to ship these libraries (and some distros don't ship individual Rust
crates as libraries at all). It used to be the case that you can enable the
`rustc_private` feature and just link against whatever the version that the Rust
compiler depends on, but rustc stopped you from doing that a while ago because
they don't want people to depend on rustc's private dependencies.
If the concern is with supply chain security, there're mechanisms like cargo-vet
https://github.com/mozilla/cargo-vet which can be used to ensure dependencies to
be audited. That plus the hash locking should be sufficient.
Best,
Gary
next prev parent reply other threads:[~2026-05-28 14:30 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-16 21:53 [RFC v3 0/3] add kconfirm Julian Braha
2026-05-16 21:53 ` [RFC PATCH v3 1/3] scripts: " Julian Braha
2026-05-17 6:10 ` Demi Marie Obenour
2026-05-17 9:58 ` Miguel Ojeda
2026-05-17 20:25 ` Demi Marie Obenour
2026-05-17 22:53 ` Miguel Ojeda
2026-05-18 8:08 ` Arnd Bergmann
2026-05-18 18:19 ` Julian Braha
2026-05-28 14:30 ` Gary Guo [this message]
2026-05-17 6:28 ` Miguel Ojeda
2026-05-17 7:32 ` Demi Marie Obenour
2026-05-17 9:30 ` Miguel Ojeda
2026-05-17 9:32 ` Demi Marie Obenour
2026-05-17 9:48 ` Miguel Ojeda
2026-05-17 9:28 ` Nathan Chancellor
2026-05-16 21:53 ` [RFC PATCH v3 2/3] Documentation: " Julian Braha
2026-05-17 6:05 ` Miguel Ojeda
2026-05-17 9:40 ` Nathan Chancellor
2026-05-17 12:35 ` Miguel Ojeda
2026-05-16 21:53 ` [RFC PATCH v3 3/3] MAINTAINERS: create entry for kconfirm Julian Braha
2026-05-16 22:36 ` [RFC v3 0/3] add kconfirm Julian Braha
2026-05-17 6:14 ` Demi Marie Obenour
2026-05-17 23:21 ` Julian Braha
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DIUDREOJ8GWB.3QMNEGBRFQSWK@garyguo.net \
--to=gary@garyguo.net \
--cc=akpm@linux-foundation.org \
--cc=arnd@arndb.de \
--cc=corbet@lwn.net \
--cc=demiobenour@gmail.com \
--cc=ej@inai.de \
--cc=gregkh@linuxfoundation.org \
--cc=jani.nikula@linux.intel.com \
--cc=julianbraha@gmail.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=ljs@kernel.org \
--cc=masahiroy@kernel.org \
--cc=miguel.ojeda.sandonis@gmail.com \
--cc=nathan@kernel.org \
--cc=nsc@kernel.org \
--cc=ojeda@kernel.org \
--cc=qingfang.deng@linux.dev \
--cc=rust-for-linux@vger.kernel.org \
--cc=yann.prono@telecomnancy.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox